Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14449 usuários registrados
O último usuário registrado atende pelo nome de wostemberg3

Os nossos membros postaram um total de 35202 mensagens em 3565 assuntos
Últimos assuntos
» alguém pode me ajudar?
por joram Dom 19 Nov 2017, 22:51

Quem está conectado
4 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 4 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


Remover o Find Key- find.com

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Remover o Find Key- find.com

Mensagem por keyka13 em Qua 11 Fev 2015, 21:25

Não consigo desinstalar o Finde Key-find.com dos meus navegadores.
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qua 11 Fev 2015, 21:52

/!\ Boa Noite! keyka13 /!\

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] >  < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Nicolas Coolman )
> Ou [Você precisa estar registrado e conectado para ver este link.] << Link!
> Salve-o no disco local! ( C ou D )
> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Execute o ícone do pergaminho. ( ZHPDiag )

[Você precisa estar registrado e conectado para ver este link.]

> Clique "COMPLETA" e aguarde a conclusão!
> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt
> Ps: Como o log será extenso,envie-o à [Você precisa estar registrado e conectado para ver este link.].

> Ou acesse: < [Você precisa estar registrado e conectado para ver este link.]

> Maiores informações: < |[Você precisa estar registrado e conectado para ver este link.]| > << Hospedagem!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qua 11 Fev 2015, 23:06

Boa noite,

Obrigada pela atenção. Segue o relatório.
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qua 11 Fev 2015, 23:32

/!\ Boa Noite! keyka13 /!\

> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
HiddenFix
ProxyFix
IfeoFix
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
SS - | Auto 22/07/1658 0 |  (PCFasterSvc_{PCFaster_4.0.0.0}) . (...) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
SR - | Auto 16/01/2015 158896 |  (IHProtect Service) . (.XTab system.) - C:\Program Files\XTab\ProtectService.exe
SR - | Auto 11/02/2015 487056 |  (WindowsMangerProtect) . (.SysTool PasSame LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
[MD5.77590CE0CDEB6BBEE8DC056FEA0B107C] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files\XTab\cmdshell.exe   [48304] [PID.2716]
[MD5.A45721F5AFB6E49B9FEC5805CD1B643C] [SPRF][08/10/2014] (.No owner - Adware-Removal-Tool-v3.9.1.) -- C:\Users\usuario\Desktop\Adware-Removal-Tool-v3.9.1.exe   [753184]
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\XTab\SupTab.dll
O4 - GS\QuickLaunch [usuario]: Warface.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe (.not file.)
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\XTab\ProtectService.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.SysTool PasSame LIMITED - Windows SysTool  Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (...) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe (.not file.)
O41 - Driver:  ({4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw.sys
O41 - Driver:  (BprotectEx) . (. - .) - C:\Windows\system32\drivers\BprotectEx.sys (.not file.)
O43 - CFD: 11/02/2015 - 15:33:48 - [] ----D C:\Users\usuario\AppData\Roaming\key-find
O43 - CFD: 11/02/2015 - 21:33:13 - [0] ----D C:\Users\usuario\AppData\Local\CombatArms
O44 - LFC:[MD5.440D85166B86BCEA5CAE6BCD98F57C1E] - 11/02/2015 - 08:29:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw.sys   [43152]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/02/2015 - 15:21:46 RSHA- . (...) -- C:\IO.SYS   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/02/2015 - 15:21:46 RSHA- . (...) -- C:\MSDOS.SYS   [0]
O45 - LFCP:[MD5.705C6FA6B302D1A41CB100CB72D425A0] - 11/02/2015 - 15:19:24 ---A- - C:\Windows\Prefetch\GAMEO.EXE-4CF22717.pf
O45 - LFCP:[MD5.FF9E3BD8A31EDB5B66F966A7DF2BD461] - 11/02/2015 - 14:45:22 ---A- - C:\Windows\Prefetch\WPM_V20.0.0.1714_0204.EXE-55C1071E.pf
O58 - SDL:11/02/2015 - 08:29:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw.sys   [43152]
O61 - LFC: 11/02/2015 - 21:44:18 ---A- . (...) -- C:\Users\usuario\AppData\Local\Temp\nsz1518.tmp\nsProcess.dll   [4096]
O61 - LFC: 11/02/2015 - 21:44:27 ---A- . (...) -- C:\Users\usuario\AppData\Local\Temp\~nsu.tmp\Au_.exe   [258936]
O64 - Services: CurCS - 11/02/2015 - C:\Windows\System32\drivers\{4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw.sys ({4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw)  .(.StdLib - StdLib.) - LEGACY_{4DAB53D4-80CB-41DB-8AEB-6AFF55CA8F33}GW
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - [Você precisa estar registrado e conectado para ver este link.]
HKLM\SOFTWARE\Microsoft\Tracing\gameo_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\gameo_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\MaxigetCrashHandler_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\MaxigetCrashHandler_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\MaxigetUpdater_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\MaxigetUpdater_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS
[HKLM\Software\key-findSoftware]
[HKCU\Software\Gameo]
[HKCU\Software\InstallCore]
[HKCU\Software\Maxiget]
[HKLM\Software\IHProtect]
[HKLM\Software\Maxiget]
[HKLM\Software\SupDp]
[HKLM\Software\supTab]
[HKLM\Software\supWindowsMangerProtect]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service]
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect]
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}]
C:\Program Files\XTab\cmdshell.exe
C:\Program Files\Maxiget
C:\ProgramData\IHProtectUpDate
C:\ProgramData\WindowsMangerProtect
C:\Users\usuario\AppData\Local\Gameo
C:\Users\usuario\AppData\Local\Maxiget
ServiceStop:BprotectEx
ServiceStop:IHProtect Service
ServiceStop:WindowsMangerProtect
ServiceStop:PCFasterSvc_{PCFaster_4.0.0.0}
ServiceStop:{4dab53d4-80cb-41db-8aeb-6aff55ca8f33}Gw


> Abra a ferramenta ZHPFix. < [Você precisa estar registrado e conectado para ver esta imagem.] >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!

[Você precisa estar registrado e conectado para ver esta imagem.]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 12:10

Bom dia Joram,

Segue o link do relatório.

[Você precisa estar registrado e conectado para ver este link.]


Att.,

Keyka
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 12:23

/!\ Bom Dia! keyka13 /!\

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... par Xplode )
>
> Ou daqui: < [Você precisa estar registrado e conectado para ver este link.] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 12:55

Bom dia,


Segue o relatório




# AdwCleaner v4.110 - Logfile created 12/02/2015 at 11:48:30
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Local]
# Operating system : Windows 7 Ultimate (x86)
# Username : usuario - USUARIO-PC
# Running from : C:\Users\usuario\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : WindowsMangerProtect
[#] Service Deleted : IHProtect Service

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\XTab
File Deleted : C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\bum5tz84.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\Baidu
Key Deleted : HKLM\SOFTWARE\Baidu

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v29.0.1 (pt-BR)

[bum5tz84.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "key-find");

-\\ Google Chrome v40.0.2214.111


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [2187 bytes] - [12/02/2015 11:41:37]
AdwCleaner[S0].txt - [2167 bytes] - [12/02/2015 11:48:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2226 bytes] ##########
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 13:20

/!\ Boa Tarde! keyka13 /!\

[Você precisa estar registrado e conectado para ver este link.]

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Oleg N. Scherbakov )

> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ... 

[Você precisa estar registrado e conectado para ver esta imagem.]

[Você precisa estar registrado e conectado para ver este link.]

> Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 13:46

Boa tarde,

Segue o relatório.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x86
Ran by usuario on 12/02/2015 at 12:40:58,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\Users\usuario\AppData\Roaming\baidu security"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/02/2015 at 12:44:34,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 13:51

/!\ Boa Tarde! keyka13 /!\

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

< [Você precisa estar registrado e conectado para ver esta imagem.] [Você precisa estar registrado e conectado para ver este link.] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute Zoek.exe como administrador.

emptyfolderscheck;delete
ipconfig /flushdns;b
quickscan;
emptytemp;
emptyclsid;
autoclean;
Baidu;a
Baidu;z
 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 14:38

Boa tarde,

Segue o relatório,


Zoek.exe v5.0.0.0 Updated 10-February-2015
Tool run by usuario on 12/02/2015 at 12:59:03,06.
Microsoft Windows 7 Ultimate 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\usuario\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/02/2015 13:00:31 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\DivX deleted successfully
C:\Program Files\DSP-worx deleted successfully
C:\Program Files\TBD deleted successfully
C:\Program Files\VS Revo Group deleted successfully
C:\Users\usuario\AppData\Local\Clarus deleted successfully
C:\Users\usuario\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} deleted successfully
HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Clock Hand deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Clock Hand deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\bum5tz84.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_022015_1318_.backup

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\DivX deleted
C:\found.000 deleted
C:\Users\usuario\AppData\Roaming\GoldenGate deleted
C:\Users\usuario\AppData\Roaming\ProductData deleted
C:\PROGRA~2\ProductData deleted
C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\WebNavigation.crx deleted
C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\Public\Desktop\MP3 Downloader.lnk deleted
"C:\Users\usuario\AppData\Local\{94C5C449-9B9F-40C2-BB3D-678E8C3F373C}" deleted

==== Folders Found ======================

2010-02-22 03:00:34 2010-02-22 03:00:34 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-10-06 23:21:16 2014-10-06 23:21:16 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Baidu Security
2014-10-06 23:20:33 2010-02-22 03:01:29 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster

==== Files Found ======================


--- C:\Windows\pss\Baidu PC Faster Uninstall 4.0.0.0.lnk.Startup ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1291
Created time: 2014-04-01 17:56:03
Modified time: 2014-04-01 17:49:36
MD5: 272A69B4A82737CA4003C1E0F11E50CD
SHA1: 887AB1CA9DCE1124BEB770F288634F8779703EB8


--- C:\Windows\pss\Baidu PC Faster Uninstall HK 4.0.0.0.lnk.Startup ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1303
Created time: 2014-04-01 17:56:03
Modified time: 2014-04-01 17:49:36
MD5: 71569387FF7BB1257219C48ECCD0DCBF
SHA1: 6A7586E9892684B7FB588F95204A90F68D7D2E03


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.hif]
@="Baidu.FacePack"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Baidu.FacePack]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Baidu.FacePack\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Baidu.FacePack\DefaultIcon]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\",-548"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\DefaultIcon]
@="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowsertorrent.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\shell\open\command]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\baiduspark.Torrent\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\DefaultIcon]
@="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\shell\open\command]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BaiduSparkHTML\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\bavadvtools\\3811A2B3-20AF-486d-81FA-8774762CC135\\tool\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files\\Baidu Security\\Baidu Antivirus\\bavadvtools\\3811A2B3-20AF-486d-81FA-8774762CC135\\tool\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}]
@="baidu right click handler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}\InprocServer32]
@="C:\\Program Files\\Baidu Security\\Baidu Antivirus\\BavShx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE]
@="Baidu Spark Browser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities]
"ApplicationName"="BaiduSpark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities]
"ApplicationIcon"="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowser.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities]
"ApplicationDescription"="Baidu Spark Browser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]
".xhtml"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]
".xht"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]
".shtml"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]
".html"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\FileAssociations]
".htm"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\StartMenu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\StartMenu]
"StartMenuInternet"="BaiduSpark.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\URLAssociations]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\URLAssociations]
"https"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\URLAssociations]
"http"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\Capabilities\URLAssociations]
"ftp"="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\DefaultIcon]
@="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowser.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo]
"ShowIconsCommand"="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" --type=ToolUtilProcess --action=SetEnabled"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo]
"HideIconsCommand"="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" --type=ToolUtilProcess --action=SetDisabled"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo]
"ReinstallCommand"="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" --type=ToolUtilProcess --action=SetDefault"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\shell\open\command]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\BaiduSpark.EXE\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]
"path"="C:\\Users\\usuario\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Baidu PC Faster Uninstall 4.0.0.0.lnk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]
"backup"="C:\\Windows\\pss\\Baidu PC Faster Uninstall 4.0.0.0.lnk.Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]
"command"="C:\\Windows\\System32\\rundll32.exe \"C:\\Users\\usuario\\AppData\\Roaming\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall\\Baidu PC Faster Uninstall\\0\\InstallUtility.dll\", _OpenUrl -run \"Baidu PC Faster Uninstall\" -ini \"OpenUrl.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]
"item"="Baidu PC Faster Uninstall 4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]
"path"="C:\\Users\\usuario\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Baidu PC Faster Uninstall HK 4.0.0.0.lnk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]
"backup"="C:\\Windows\\pss\\Baidu PC Faster Uninstall HK 4.0.0.0.lnk.Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]
"command"="C:\\Windows\\System32\\rundll32.exe \"C:\\Users\\usuario\\AppData\\Roaming\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall\\Baidu PC Faster Uninstall HK\\0\\InstallUtility.dll\", _OpenUrl -run \"Baidu PC Faster Uninstall HK\" -ini \"OpenUrl.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]
"item"="Baidu PC Faster Uninstall HK 4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BaiduSpark.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BaiduSpark.exe]
@="C:\\Program Files\\baidu\\Spark\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BaiduSpark.exe]
"Path"="C:\\Program Files\\baidu\\Spark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files\\baidu\\Spark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files\\baidu\\Spark\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{0A93904A-BB1E-4a0c-9753-B57B9AE272CB}"="Baidu Scan"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"="Baidu PC Faster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"="Baidu Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"="C:\\Program Files\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.5.1.6176]
"DisplayIcon"="C:\\Program Files\\Baidu Security\\PC App Store\\4.5.1.6176\\PCAppStore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.5.1.6176]
"UninstallString"="C:\\Program Files\\Baidu Security\\PC App Store\\4.5.1.6176\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.5.1.6176]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.5.1.6176]
"InstallDir"="C:\\Program Files\\Baidu Security\\PC App Store\\4.5.1.6176"

[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"BaiduSpark.EXE"="Software\\Clients\\StartMenuInternet\\BaiduSpark.EXE\\Capabilities"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHIPSEX\0000]
"DeviceDesc"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHIPSEX\0000]
"DeviceDesc"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHIPSEX\0000]
"DeviceDesc"="Baidu HipsEx Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176\Install]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176\Install\67532]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176\Install\67532]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py-appstore/get_reinstall_channel_info_appstore.cgi?install_channel=pcf&new_install_channel=pcf&from_version=4.5.1.6176&to_version=4.5.1.6176&errorcode=0&errortext=&userid=8e8c02ac6474e8ade652744d2b8c3574&install_time=2010-02-22 03:01:36"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176\Install\67564]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\4.5.1.6176\Install\67564]
"url"="http://sync.security.baidu.co.th/cgi-bin-py-appstore/get_reinstall_channel_info_appstore.cgi?install_channel=pcf&new_install_channel=pcf&from_version=4.5.1.6176&to_version=4.5.1.6176&errorcode=0&errortext=&userid=8e8c02ac6474e8ade652744d2b8c3574&install_time=2010-02-22 03:01:36"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\DataReport]
"c:\\users\\usuario\\appdata\\roaming\\baidu security\\pc app store\\rpdata"="http://sync.security.baidu.co.th/cgi-bin-py/get_appstore_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\CloudOPTInfo]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\TrayIcon]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Clients\StartMenuInternet\BaiduSpark]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities\UrlAssociations]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Clients\StartMenuInternet\BaiduSpark\Capabilities\UrlAssociations]
"magnet"="BaiduSpark.Url.magnet"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files\\baidu\\Spark\\Spark.exe"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spark]
"InstallDir"="C:\\Program Files\\baidu\\Spark"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\magnet\UserChoice]
"ProgId"="BaiduSpark.Url.magnet"

"C:\\Users\\usuario\\AppData\\Local\\Temp\\0997C7D2-1EB3-42c7-8320-01B7AFE40777[o]\\1.zipDir\\BaofengUpdate.exe"=dword:00000001
"C:\\Users\\usuario\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_026.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\RegisteredApplications]
"BaiduSpark"="Software\\Clients\\StartMenuInternet\\BaiduSpark\\Capabilities"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet]
@="URL:BaiduSpark Magnet Protocol"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet\shell]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet\shell\open]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet\shell\open\command]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSpark.Url.magnet\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" /url \"%1\""

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\DefaultIcon]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\DefaultIcon]
@="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\shell]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\shell\open]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\shell\open\command]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Classes\BaiduSparkHTML\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet]
@="URL:BaiduSpark Magnet Protocol"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet\shell]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet\shell\open]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet\shell\open\command]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSpark.Url.magnet\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" /url \"%1\""

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\DefaultIcon]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\DefaultIcon]
@="C:\\Program Files\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\shell]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\shell\open]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\shell\open\command]

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000_Classes\BaiduSparkHTML\shell\open\command]
@="\"C:\\Program Files\\baidu\\Spark\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\usuario\AppData\Local\Temp ====
2015-02-12 15:40:38 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\libiconv2.dll
2015-02-12 15:40:38 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\libintl3.dll
2015-02-12 15:40:38 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\pcre3.dll
2015-02-12 15:40:38 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\regex2.dll
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2015-02-12 00:40:51 FAC4C0EE91E30C7434062709A197B3EA 3140 ----a-w- C:\Windows\system32\Tasks\{25FC06C3-46BB-4B14-B334-13C564FEE932}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-12 01:31:10 -------- d-----w- C:\Program Files\Calibre2
2015-02-12 00:41:29 -------- d-----w- C:\Program Files\ZHPDiag
2015-02-11 18:02:32 -------- d-----w- C:\Program Files\Opera
2015-02-11 18:00:52 -------- d-----w- C:\Program Files\OperaHelper
======= C: =====
2015-02-12 00:45:48 41FE3E4061661C05C78A47EFFD648A21 512 ----a-w- C:\PhysicalDisk0_MBR.bin
====== C:\Users\usuario\AppData\Roaming ======
2015-02-12 01:31:56 -------- d-----w- C:\Users\usuario\AppData\Roaming\calibre
2015-02-12 00:41:30 -------- d-----w- C:\Users\usuario\AppData\Roaming\ZHP
2015-02-12 00:31:46 -------- d-----w- C:\Users\usuario\AppData\Roaming\Warface808
2015-02-12 00:31:46 -------- d-----w- C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface808
2015-02-12 00:31:44 -------- d-----w- C:\Users\usuario\AppData\Local\Warface
2015-02-11 18:26:04 -------- d-----w- C:\Users\usuario\AppData\Local\Opera Software
2015-02-11 18:26:03 -------- d-----w- C:\Users\usuario\AppData\Roaming\Opera Software
====== C:\Users\usuario ======
2015-02-12 15:40:09 AF6E966D1F38287EF4D33B246CCC3A33 1388274 ----a-w- C:\Users\usuario\Downloads\JRT.exe
2015-02-12 01:31:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-02-12 00:41:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-02-12 00:36:10 9E46E95098F1418382D08274A06FC4CD 6874603 ----a-w- C:\Users\usuario\Downloads\ZHPDiag2.exe
2015-02-11 18:02:23 -------- d-----r- C:\Windows\system32\config\systemprofile\Favorites

====== C: exe-files ==
2015-02-12 15:40:09 AF6E966D1F38287EF4D33B246CCC3A33 1388274 ----a-w- C:\Users\usuario\Downloads\JRT.exe
2015-02-12 13:59:29 3525B3C9CAFCED38E0AB2334DA7FB449 487056 ----a-w- C:\Users\usuario\AppData\Roaming\ZHP\Quarantine\windowsmangerprotect.DIR\ProtectWindowsManager.exe
2015-02-12 13:59:26 1087BE1ED3E4CF8BAC3DFB8BCF76FACF 1891840 ----a-w- C:\Users\usuario\AppData\Roaming\ZHP\Quarantine\key-find.DIR\UninstallManager.exe
2015-02-12 00:41:39 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Program Files\ZHPDiag\mbrcheck.exe
2015-02-12 00:41:39 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Program Files\ZHPDiag\pv.exe
2015-02-12 00:41:38 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files\ZHPDiag\catchme.exe
2015-02-12 00:41:38 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files\ZHPDiag\subinacl.exe
2015-02-12 00:41:38 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files\ZHPDiag\setacl32.exe
2015-02-12 00:41:38 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files\ZHPDiag\setacl64.exe
2015-02-12 00:41:38 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Program Files\ZHPDiag\sigcheck.exe
2015-02-12 00:41:37 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files\ZHPDiag\mbr.exe
2015-02-12 00:41:37 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Program Files\ZHPDiag\Lads.exe
2015-02-12 00:41:35 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
2015-02-12 00:41:34 3972143EE1A3AD5C732BE7B96A239BC1 3060224 ----a-w- C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe
2015-02-12 00:41:32 BEDBAAE1658ED5CBD8AF0B514774F7DD 8166912 ----a-w- C:\Program Files\ZHPDiag\ZHPDiag.exe
2015-02-12 00:41:30 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files\ZHPDiag\ZHPhep.exe
2015-02-12 00:41:30 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Program Files\ZHPDiag\unins000.exe
2015-02-12 00:36:10 9E46E95098F1418382D08274A06FC4CD 6874603 ----a-w- C:\Users\usuario\Downloads\ZHPDiag2.exe
2015-02-11 18:03:14 4E90426FF1D88920B01FA21FB4154DD3 32900504 ----a-w- C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JQ7CB4D\Opera_27.0.1689.69_Setup[1].exe
2015-02-11 13:26:19 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files\Google\Update\Install\{0CE05D0B-3C64-4B19-8221-47A0AEC6FA28}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-11 13:26:18 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-11 13:20:01 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-11 13:20:01 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-11 13:20:01 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-11 13:20:00 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-11 13:19:53 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-11 13:19:53 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-11 13:19:53 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-11 13:19:52 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-11 13:19:44 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files\Google\Update\Install\{3D2DFE9C-96A1-4C39-953A-45481B5E5A9C}\GoogleUpdateSetup.exe
2015-02-11 13:19:44 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
=== C: other files ==
2015-02-12 15:40:34 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\prelim.bat
2015-02-12 15:40:34 E49F9C309DC32E854A081507B89EBE39 11201 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\runvalues.bat
2015-02-12 15:40:34 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\TDL4.bat
2015-02-12 15:40:34 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\medfos.bat
2015-02-12 15:40:34 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\surfvox.bat
2015-02-12 15:40:34 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\searchlnk.bat
2015-02-12 15:40:34 8BA81DD47CF392BEBEE506E3789F9FBA 14924 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\get.bat
2015-02-12 15:40:34 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\firefox.bat
2015-02-12 15:40:34 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\ev_clear.bat
2015-02-12 15:40:34 56CE326F6AAE3CF1709D332C04E8F9F1 191237 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\misc.bat
2015-02-12 15:40:34 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\ask.bat
2015-02-12 15:40:34 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\iexplore.bat
2015-02-12 15:40:34 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\delfolders.bat
2015-02-12 15:40:34 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\mws.bat
2015-02-12 15:40:34 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\usuario\AppData\Local\Temp\jrt\chrome.bat
2015-02-12 00:03:17 F32420C35FBA394D5F9A7C46EDE88D9E 393704 ----a-w- C:\Users\usuario\Desktop\KEILA\livros\ADMINISTRATVO\Analista_Tecnico_Administrativo_ESAF_2014.zip
2015-02-12 00:03:16 F64D2AF77BB4F613A5F62E15AF526CB8 225493 ----a-w- C:\Users\usuario\Desktop\KEILA\livros\ADMINISTRATVO\Analista_Tecnico_Administrativo_ESAF_2013.zip
2015-02-11 18:52:01 1E4E119C80268FDBD37E0B0A5011CA72 4629379 ----a-w- C:\Users\usuario\Downloads\tributario.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1056058278-1912215596-151107422-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"USB Security"="C:\Program Files\USB Disk Security\USBGuard.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SiSTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SiSTray"
"hkey"="HKLM"
"command"="%ProgramFiles%\\SiS VGA Utilities\\SiSTray.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall 4.0.0.0.lnk]
"path"="C:\\Users\\usuario\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Baidu PC Faster Uninstall 4.0.0.0.lnk"
"backup"="C:\\Windows\\pss\\Baidu PC Faster Uninstall 4.0.0.0.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Windows\\System32\\rundll32.exe \"C:\\Users\\usuario\\AppData\\Roaming\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall\\Baidu PC Faster Uninstall\\0\\InstallUtility.dll\", _OpenUrl -run \"Baidu PC Faster Uninstall\" -ini \"OpenUrl.ini\""
"item"="Baidu PC Faster Uninstall 4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Baidu PC Faster Uninstall HK 4.0.0.0.lnk]
"path"="C:\\Users\\usuario\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Baidu PC Faster Uninstall HK 4.0.0.0.lnk"
"backup"="C:\\Windows\\pss\\Baidu PC Faster Uninstall HK 4.0.0.0.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Windows\\System32\\rundll32.exe \"C:\\Users\\usuario\\AppData\\Roaming\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall\\Baidu PC Faster Uninstall HK\\0\\InstallUtility.dll\", _OpenUrl -run \"Baidu PC Faster Uninstall HK\" -ini \"OpenUrl.ini\""
"item"="Baidu PC Faster Uninstall HK 4.0.0.0"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/05/2014 15:04]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/05/2014 15:04]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22/02/2010 00:03]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\bum5tz84.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
9E448F221E741DD0ACCB381190D01B3E - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll - RealJukebox NS Plugin
5DB82B8C515C875AE58E1B8B5997416B - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
2CDA67C1309CA966D8EFEE4EE0D6CA92 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll - RealPlayer Version Plugin
6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/05/2014 15:03]

Google Docs - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.key-find.com_0.localstorage deleted successfully
C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.key-find.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
"Search Page"="http://google.com"
"Search Bar"="https://br.yahoo.com/?fr=hp-avast&type=avastbcl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com"
"Search Page"="http://google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3160F87P will be deleted at reboot
C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUZP3R17 will be deleted at reboot
C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA80BY88 will be deleted at reboot
C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\usuario\AppData\Local\Mozilla\Firefox\Profiles\bum5tz84.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\usuario\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=9 222019 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\usuario\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\usuario\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3160F87P" not found
"C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUZP3R17" not found
"C:\Users\usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA80BY88" not found

==== EOF on 12/02/2015 at 13:31:46,37 ======================
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 14:58

/!\ Boa Tarde! keyka13 /!\

< C:\\Program Files\\baidu\\Spark >

> Existem muitas entradas do Baidu PC Faster e Spark.
> Vc ainda possui este navegador da Baidu? ( Spark )


A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 15:16

Boa tarde Joram,

Não sei como adquiri essas pragas mas, esse Baidu Pc Faster encontrei nos arquivos de programas, pedir para desinstalar e apareceu a informação de que já havia sido desinstalado. Quando ao Spark não encontrei nada referente a ele nos arquivos de programas.


Att.,

Keyka
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 15:33

/!\ Boa Tarde! keyka13 /!\

> Tente pelo seu Uninstall,que se localiza em sua pasta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Desinstale: < Baidu PC Faster >

> Acesse "Adicionar e Remover Programas" e desinstale o software.
> Ou vá em: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall <<
> Clique em "Uninstall" e confirme todas as janelas,durante a desinstalação.
>
> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Pierre13 )
> Salve-o no desktop!
> Para Windows Vista e 7,execute "SFTGC.exe" como administrador!

[Você precisa estar registrado e conectado para ver esta imagem.]

> Execute-o e clique "Go".
> Aguarde seu término,que é rápido.
> Poste o relatório! ( SFT.txt )
> Ps: De acordo com o tamanho do relatório,não poste-o diretamente!

> Acesse,para esta tarefa! < [Você precisa estar registrado e conectado para ver este link.] >

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 15:54

Boa Tarde Joram,

Segue o link do relatório.

[Você precisa estar registrado e conectado para ver este link.]


Att.,

Keyka13.
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 16:16

/!\ Boa Tarde! keyka13 /!\

> Como está o computador? Houve melhoras?

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Farbar )

> No banner àcima,é para sistemas 32bits!

< [Você precisa estar registrado e conectado para ver este link.]

> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Você precisa estar registrado e conectado para ver esta imagem.]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à [Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver esta imagem.]

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 16:31

Boa tarde Joram,


O desempenho está ótimo, parece até outra máquina.

Segue os links dos relatórios.

[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Att.,

Keyka13
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 16:48

/!\ Boa Tarde! keyka13 /!\

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as na pasta Downloads! /!\ C:\Users\usuario\Downloads /!\

start
CloseProcesses:
emptytemp:                     
S0 Bhbase; System32\drivers\Bhbase.sys [X]
2015-02-12 14:48 - 2015-02-12 14:49 - 01348096 _____ () C:\Users\usuario\Downloads\SFTGC.exe
2015-02-12 13:27 - 2015-02-12 12:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-12 13:00 - 2015-02-12 13:31 - 00050188 _____ () C:\zoek-results.log
2015-02-12 12:58 - 2015-02-12 13:24 - 00000000 ____D () C:\zoek_backup
2015-02-12 12:58 - 2015-02-12 12:58 - 01295360 _____ () C:\Users\usuario\Downloads\zoek.exe
2015-02-12 12:44 - 2015-02-12 12:44 - 00000771 _____ () C:\Users\usuario\Desktop\JRT.txt
2015-02-12 12:40 - 2015-02-12 12:40 - 01388274 _____ (Thisisu) C:\Users\usuario\Downloads\JRT.exe
2015-02-12 11:06 - 2015-02-12 11:06 - 00000030 _____ () C:\Users\usuario\Downloads\relatorio 2.txt
2015-02-12 11:04 - 2015-02-12 11:04 - 00000030 _____ () C:\Users\usuario\Downloads\relatorio1.txt
2015-02-12 11:01 - 2015-02-12 11:01 - 00005152 _____ () C:\Users\usuario\Downloads\ZHPFix[R1].txt
2015-02-12 10:59 - 2015-02-12 10:59 - 00005152 _____ () C:\Users\usuario\Desktop\ZHPFixReport.txt
2015-02-11 22:04 - 2015-02-11 22:04 - 00000033 _____ () C:\Users\usuario\Downloads\relatorio.txt
2015-02-11 21:50 - 2015-02-11 21:50 - 00085889 _____ () C:\Users\usuario\Downloads\ZHPDiag.txt
2015-02-11 21:46 - 2015-02-11 21:46 - 00085889 _____ () C:\Users\usuario\Desktop\ZHPDiag.txt
2015-02-11 21:45 - 2015-02-11 21:45 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-02-11 21:41 - 2015-02-12 10:59 - 00000000 ____D () C:\Users\usuario\AppData\Roaming\ZHP
2015-02-11 21:41 - 2015-02-11 21:45 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-02-11 21:41 - 2015-02-11 21:41 - 00001933 _____ () C:\Users\usuario\Desktop\ZHPFix.lnk
2015-02-11 21:41 - 2015-02-11 21:41 - 00001806 _____ () C:\Users\usuario\Desktop\ZHPDiag.lnk
2015-02-11 21:41 - 2015-02-11 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-02-11 21:36 - 2015-02-11 21:37 - 06874603 _____ (Nicolas Coolman ) C:\Users\usuario\Downloads\ZHPDiag2.exe
2015-02-12 13:39 - 2014-03-15 22:43 - 00592877 _____ () C:\Windows\WindowsUpdate.log
2015-02-12 13:28 - 2014-03-15 22:42 - 00034786 _____ () C:\Windows\PFRO.log
2014-10-06 18:57 - 2014-10-06 18:57 - 0000020 _____ () C:\ProgramData\bc.ini
end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar
> Poste o relatório! (Fixlog.txt)

[Você precisa estar registrado e conectado para ver esta imagem.]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos irreparáveis aos mesmos! >

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 17:08

Boa Tarde Joram,


Segue o relatório.

[Você precisa estar registrado e conectado para ver este link.]

Att.,

Keyka13
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 17:15

/!\ Boa Tarde! keyka13 /!\

> Encontrando entradas inválidas ou pastas do software Baidu,pode deletar.

> Não havendo mais problemas,remova as ferramentas que foram utilizadas na desinfecção!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Xplode )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Estando na página,clique em Download Now
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema

> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 17:33

Boa tarde Joram,


O procedimento foi realizado com sucesso. Obrigada por toda a ajuda e atenção disponibilizadas. Desejo sucesso a vc e a toda a equipe do forumpcbrasil e parabéns pelo trabalho realizado por vcs.

Att.,

Keyka13
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 18:45

/!\ Boa Noite! keyka /!\

> Como retornou ao Chrome,vamos resetá-lo!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

< [Você precisa estar registrado e conectado para ver esta imagem.] [Você precisa estar registrado e conectado para ver este link.] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute Zoek.exe como administrador.

emptyfolderscheck;delete
shortcutfix;
quickscan;
chromelook;
chrdefaults;
reset chrome;
emptyCHRcache;
emptytemp;
emptyclsid;
autoclean;
 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 19:35

Boa noite Joram,

Segue o relatório.

[Você precisa estar registrado e conectado para ver este link.]

Att.,

Keyka13
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por joram em Qui 12 Fev 2015, 19:49

/!\ Olá! keyka13 /!\

> O Chrome ainda acusa o retorno do Find.com?

A+

_________________
[Você precisa estar registrado e conectado para ver este link.] >> O que há de melhor,para desinfectar seu computador!
[Você precisa estar registrado e conectado para ver este link.] >> Não deixem de conhecer!
[Você precisa estar registrado e conectado para ver este link.] >> Tradição em informática!
avatar
joram
Administrador
Administrador

Mensagens : 3768
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por keyka13 em Qui 12 Fev 2015, 19:56

Olá Joram,

O chrome continua iniciando com a página do Find.com.


Att.,

Keyka13
avatar
keyka13
Iniciante
Iniciante

Mensagens : 34
Reputação : 0
Data de inscrição : 27/02/2014

Voltar ao Topo Ir em baixo

Re: Remover o Find Key- find.com

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum